Techniques are provided for secure synchronization and sharing of secrets. A first principal acquires an encrypted access key to a secret store of a second principal. The first principal contacts an identity manager and supplies a decrypted version of the access key. One or more secrets of the second principal may be acquired or modified by the first principal while accessing the secret store.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A machine-implemented method to execute on a machine, comprising: receiving, by the machine, a key from a first principal to access a secret store belonging to and controlled by a second principal, but the secret store is controlled and is managed by an identity management service on behalf of the second principal within a secure environment, the identity management service does not store the key and the key is used by the identity management service to both decrypt the secret store and then re-encrypt the secret store; validating, by the machine, the key; granting, by the machine, access to the secret store in response to the key being validated and in response to a contract that defines a relationship between the first and the second principals, the contract including policies: that limit operations that the first principal can make against the secret store, that are applied against specific entries within the secret store, and that define an amount of time that the first principal can access the secret store, and applying, by the identity manager, additional global policies against access to the secret store and all secret stores managed by the identity manager, and sending the second principal periodic reports detailing activities of the first principal with respect to the secret store; updating, by the machine, the secret store in response to actions of the first principal; and propagating, by the machine, changes caused by the update to one or more partitions associated with the secret store.
2. The method of claim 1 further comprising, acquiring, by the machine, a delegation key for use in accessing each of the one or more partitions, wherein the delegation key is housed in the secret store.
3. The method of claim 1, wherein receiving further includes authenticating the first principal.
4. The method of claim 1, wherein granting further includes providing one or more secrets of the second principal to the first principal from the secret store.
5. The method of claim 1 further comprising, logging, by the machine, actions of the first principal with respect to the secret store.
6. A machine-implemented method to execute on a machine, comprising: receiving, by the machine, an access key from a first principal that permits access to a secret store of the first principal, the secret store controlled by an identity manager within a secure environment and the access key is not stored by the identity manager and the access key is used by the identity manager for decrypting the secret store and then re-encrypting the secret store; authenticating, by the machine, a second principal for access to the access key; and providing, by the machine, the second principal the access key once authenticated for access, and in response to a contract that defines a relationship between the first and the second principals, the contract including policies that limit operations that the second principal can make against the secret store, that are applied against specific entries within the secret store, and that define an amount of time that the second principal can access the secret store, and applying, by the identity manager, additional global policies against access to the secret store and all secret stores managed by the identity manager, and sending the first principal periodic reports detailing activities of the second principal with respect to the secret store; receiving, by the machine, one or more delegation keys to access partitions of the secret store and providing the delegation keys if the second principal is authenticated for access to the delegation keys; and propagating updates to the secret store or to the partitions if changes are detected in the one of the partitions of the secret store.
7. A system, comprising: a machine having an identity service implemented in a non-transitory machine-readable medium and to execute on the machine; and the machine having an identity manager implemented in a non-transitory machine-readable medium and to execute on the machine, the identity service is to provide common keys, and the common keys are used to decrypt access keys, and the access keys are to be presented to the identity manager by a first principal to gain access to secret stores associated with other principals and access is defined by contracts in the secret stores that define relationships between the first principal and the other principals, the secret stores are controlled by the identity manager within a secure environment and the access keys are not stored by the identity manager and the access keys are used by the identity manager to decrypt the secret stores and then re-encrypt the secret stores, the contracts including policies: that limit operations that the first principal can make against the secret store, that are applied against specific entries within the secret store, and that define an amount of time that the first principal can access the secret store, and applying, by the identity manager, additional global policies against access to the secret store and all secret stores managed by the identity manager, and sending the second principal periodic reports detailing activities of the first principal with respect to the secret store, wherein the common keys represent public keys of principals, and wherein the first principal is to access the identity service to acquire a particular common key associated with a second principal, and the particular common key and a private key of the first principal enable the first principal to decrypt an encrypted access key and the decrypted access key when presented to the identity manager permits the first principal to gain access to a particular one of the secret stores associated with the second principal.
8. The system of claim 7, wherein the identity manager is to partition a number of the secret stores and establish a different access key for the partition.
9. The system of claim 7, wherein the identity manager is to synchronize updates made to entries of the secret stores with one or more other secret stores or partitions associated with the secret stores.
10. The system of claim 7, wherein the identity manager is to permit modifications to the secret stores in response to the access keys.
11. The system of claim 7, wherein the identity manager is to present suggested or proposed modifications to secrets in the secret stores to principals for acceptance or non-acceptance.
12. A system, comprising: a machine having an identity manager implemented in a non-transitory machine-readable medium and to execute on the machine; and the machine having a first principal implemented in a non-transitory machine-readable medium and to execute on the machine, the first principal is to provide an access key to the identity manager associated with a secret store of a second principal, the identity manager controls and manages the secret store on behalf of the second principal and the identity manager controls and manages updates and synchronization associated with changes to the secret store made by the first principal, the identity manager does not store the access key and the identity manager is to use the access key to decrypt the secret store and then re-encrypt the secret store, and the secret store includes a contract that defines a relationship between the first principal and the second principal for access to the secret store of the second principal, the contract including policies: that limit operations that the first principal can make against the secret store as enforced by the identity manager, that are applied against specific entries within the secret store, and that define an amount of time that the first principal can access the secret store, and applying, by the identity manager, additional global policies against access to the secret store and all secret stores managed by the identity manager, and sending the second principal periodic reports detailing activities of the first principal with respect to the secret store, wherein the identity manager detects a change in the secret store and acquires a different key from the secret store, and wherein the identity manager uses the different key to synchronize the change with a partition of the secret store.
13. The system of claim 12, wherein the first principal is to acquire the access key from the second principal in an encrypted format, and wherein the encrypted format is encrypted with a public key of the first principal.
14. The system of claim 12, wherein the secret store includes one or more encrypted secrets of the second principal.
15. The system of claim 12, wherein the first principal is to annotate a number of secrets of the second principal within the secret store, wherein the annotation suggests a change to the number of secrets which the second principal can accept or reject.
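The following Python sketch is an added illustration, not part of the patent or of any product implementing it. It models the identity manager side of claims 1, 6 and 12: the manager holds only the sealed secret store, uses the presented access key once per request to decrypt and then re-encrypt the store without retaining the key, enforces the contract policies (permitted operations, permitted entries, time window) plus a global policy, and keeps an activity log from which per-principal reports are produced. It assumes a constructed SHA-256 keystream plus HMAC in place of a real AEAD (use AES-GCM in practice), a contract stored inside the sealed store, and a made-up global policy; the first principal's decryption of the access key with its private key, partitions and delegation keys are left out.

```python
import hashlib, hmac, json, os, time

# Constructed demo cipher: SHA-256 keystream XOR plus HMAC tag stands in for a real AEAD (use AES-GCM in practice).
def _keystream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, data):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("secret store failed integrity check (wrong access key or tampering)")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def build_store(access_key, contract, secrets):
    """Owner (second principal) seals its store; the contract travels inside the sealed store."""
    return seal(access_key, json.dumps({"contract": contract, "secrets": secrets}).encode())

class IdentityManager:
    """Keeps only the sealed blob and an activity log; the access key is used per request, never stored."""
    GLOBAL_DENY_PREFIX = "root/"  # constructed global policy applied to every store this manager controls
    def __init__(self, sealed_store):
        self.sealed, self.log = sealed_store, []
    def access(self, principal, access_key, op, entry, value=None, now=None):
        now = time.time() if now is None else now
        store = json.loads(unseal(access_key, self.sealed))  # the MAC check is the key validation step
        c = store["contract"].get(principal)
        if c is None or now > c["expires"]:
            reason = "denied: no contract or contract expired"
        elif op not in c["ops"] or entry not in c["entries"]:
            reason = "denied: operation or entry outside contract"
        elif entry.startswith(self.GLOBAL_DENY_PREFIX):
            reason = "denied: global policy"
        else:
            reason = "ok"
        self.log.append({"who": principal, "op": op, "entry": entry, "at": now, "result": reason})
        if reason != "ok":
            raise PermissionError(reason)
        if op == "update":
            store["secrets"][entry] = value
            self.sealed = seal(access_key, json.dumps(store).encode())  # re-encrypt; key is then dropped
        return store["secrets"].get(entry)
    def report(self, principal):  # periodic report to the owner: everything one principal did to the store
        return [e for e in self.log if e["who"] == principal]
```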
November 21, 2005
January 10, 2012